CVE Monitor
CVE-2025-30909
N/A
27 Mar 2025
Missing Authorization vulnerability in Conversios Conversios.io allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Conversios.io: from n/a through 7.2.3.
CVE-2025-30907
N/A
27 Mar 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in SecuPress SecuPress Free allows DOM-Based XSS. This issue affects SecuPress Free: from n/a through 2.2.5.3.
CVE-2025-30904
N/A
27 Mar 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ays Pro Chartify allows Stored XSS. This issue affects Chartify: from n/a through 3.1.7.
CVE-2025-30903
N/A
27 Mar 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Alex Mills SyntaxHighlighter Evolved allows DOM-Based XSS. This issue affects SyntaxHighlighter Evolved: from n/a through 3.7.1.
CVE-2025-30900
N/A
27 Mar 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Zoho Subscriptions Zoho Billing – Embed Payment Form allows Stored XSS. This issue affects Zoho Billing – Embed Payment Form: from n/a through 4.0.
CVE-2025-30899
N/A
27 Mar 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpeverest User Registration allows Stored XSS. This issue affects User Registration: from n/a through 4.0.3.
CVE-2025-30898
N/A
27 Mar 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Mahdi Yousefi [MahdiY] افزونه حمل و نقل ووکامرس (پست پیشتاز و سفارشی، پیک موتوری) allows Stored XSS. This issue affects افزونه حمل و نقل ووکامرس (پست پیشتاز و سفارشی، پیک موتوری): from n/a through 4.2.3.
CVE-2025-30897
N/A
27 Mar 2025
Missing Authorization vulnerability in Adnan Analytify allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Analytify: from n/a through 5.5.1.
CVE-2025-30896
N/A
27 Mar 2025
Missing Authorization vulnerability in weDevs WP ERP allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP ERP: from n/a through 1.13.4.
CVE-2025-30895
N/A
27 Mar 2025
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in magepeopleteam WpEvently allows PHP Local File Inclusion. This issue affects WpEvently: from n/a through 4.2.9.
CVE-2025-30894
N/A
27 Mar 2025
Missing Authorization vulnerability in Epsiloncool WP Fast Total Search allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP Fast Total Search: from n/a through 1.79.262.
CVE-2025-30893
N/A
27 Mar 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LeadConnector LeadConnector allows DOM-Based XSS. This issue affects LeadConnector: from n/a through 3.0.2.
CVE-2025-30891
N/A
27 Mar 2025
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in magepeopleteam WpTravelly allows PHP Local File Inclusion. This issue affects WpTravelly: from n/a through 1.8.7.
CVE-2025-30890
N/A
27 Mar 2025
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in SuitePlugins Login Widget for Ultimate Member allows PHP Local File Inclusion. This issue affects Login Widget for Ultimate Member: from n/a through 1.1.2.
CVE-2025-30888
N/A
27 Mar 2025
Cross-Site Request Forgery (CSRF) vulnerability in silverplugins217 Custom Fields Account Registration For Woocommerce allows Cross Site Request Forgery. This issue affects Custom Fields Account Registration For Woocommerce: from n/a through 1.1.
CVE-2025-30887
N/A
27 Mar 2025
Missing Authorization vulnerability in magepeopleteam WpEvently allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WpEvently: from n/a through 4.2.9.
CVE-2025-30885
N/A
27 Mar 2025
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Bit Apps Bit Form – Contact Form Plugin allows Phishing. This issue affects Bit Form – Contact Form Plugin: from n/a through 2.18.0.
CVE-2025-30884
N/A
27 Mar 2025
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Bit Apps Bit Integrations allows Phishing. This issue affects Bit Integrations: from n/a through 2.4.10.
CVE-2025-30883
N/A
27 Mar 2025
Missing Authorization vulnerability in richplugins Trust.Reviews allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Trust.Reviews: from n/a through 2.3.
CVE-2025-30881
N/A
27 Mar 2025
Missing Authorization vulnerability in ThemeHunk Big Store allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Big Store: from n/a through 2.0.8.
CVE-2025-30879
N/A
27 Mar 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in moreconvert MC Woocommerce Wishlist allows SQL Injection. This issue affects MC Woocommerce Wishlist: from n/a through 1.8.9.
CVE-2025-30877
N/A
27 Mar 2025
Missing Authorization vulnerability in fatcatapps Quiz Cat allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Quiz Cat: from n/a through 3.0.8.
CVE-2025-30874
N/A
27 Mar 2025
Missing Authorization vulnerability in Jose Specific Content For Mobile allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Specific Content For Mobile: from n/a through 0.5.3.
CVE-2025-30873
N/A
27 Mar 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpsoul Greenshift allows Stored XSS. This issue affects Greenshift: from n/a through 11.0.2.
CVE-2025-30872
N/A
27 Mar 2025
Cross-Site Request Forgery (CSRF) vulnerability in Nitin Prakash Product Author for WooCommerce allows Cross Site Request Forgery. This issue affects Product Author for WooCommerce: from n/a through 1.0.7.
Page 341 of 693